This session will summarize regulatory change management as it relates to environmental health and safety - including the four reasons why implementation of regulatory change management is necessary for the success of your organization, and which regulations or standards apply. We'll also discuss the five steps to regulatory compliance and change management: regulatory knowledge base, risk and internal controls, business process, location and assets, and roles and responsibilities. You'll learn how to overcome challenges and achieve compliance. More info at http://www.360factors.com/free-presentation-on-operational-risk-and-regulatory-change-management-by-ed-sattar-tsce-san-antonio-tx/

2. OPERATIONAL RISK & REGULATORY
CHANGE MANAGEMENT

3. Speaker: Ed Sattar
Ed Sattar is the CEO of 360training and founder of 360factors, an operational risk and
compliance management software company. For more than a decade, Ed has made
significant professional contributions to the regulatory compliance space across multiple
industries. His experiences include extensive research and consulting for regulatory
compliance consulting firms and training providers as well as state and federal regulatory
agencies. During his tenure in the risk and regulatory compliance workflow automation and
eTraining space, he has identified key criteria and compliance standards that are currently
being published and implemented.
Ed Sattar has been nominated for the Ernst & Young Entrepreneur of the Year award three
times and was among the top seven finalists in 2009. He has appeared on the Deloitte Fast
50 as the leader of the 6th fastest growing company in Texas and got the companies listed
in Inc 5000 several times as one of the fastest growing companies under his leadership.
Ed studied Electrical Engineering and Finance at the University of Texas at Austin.

4. Effective Operational
Risk Management & Three P’s

5. Outline
 Operational Risk & Regulatory Trends
 Why Automate an Operational Risk and Regulatory Change Management System
 Operational Risk and Compliance Management Model & Methodology
 How to Implement an Operational Risk and Compliance Management System
 Can Automation and Software Increase Operational Excellence and Reduce Risk & Cost?

6. Operational Risk & Regulatory Trends

7. Rising Regulations and Cost

8. Regulatory Change is Significantly
Impacting Operational Risk
Source: Davis, Polk Dodd-Frank Infographics

9. Automate Regulatory Compliance
Through Software
BENEFITS OF AN INTEGRATED MANAGEMENT SYSTEM
Source: Global survey by KPMG, Inc

10. Operational risk Trends
Top Operational Risk Trends
Changes in Legislation and Regulations 27 %
Business Interruption (safety, environment, disruption,
supply chain)
33%
Loss of Reputation & Brand 30%
Cyber Security 10%
Source: Davis, Alliance Global Corporate

11. Managing Your Operations
Seamlessly While Reducing
Risk

12. Why Automate an Operational
Risk & Regulatory Change
Management System

13. Four Reasons to Automate
Operational Risk & Regulatory
Change Management
1. Regulatory and Asset Intensive Organization
2. Understanding Regulations- Either Over Complying or Under Complying
3. Lack of Automation in Streamlining Day-to-Day Compliance, Event and Incident
Management with Respect to Regulatory Change Management
4. Ability to React Quickly- Tracking and Monitoring Non-Compliance Items Such as Events,
Incidents, Audits & Investigations

14. Reasons to Automate
Operational Risk & Regulatory
Change Management
 Understanding Regulations
 Regulatory Change Management
 Regulatory Applicability
 Day-to-Day Compliance Tasking
 Event-Driven Compliance Tasking
 Incident Management and Root
Cause Analysis
 Predictive Risk Analysis
 Corrective and Preventive Actions
 Policy and Procedure Management
 Audit Management
 Sustainability
 Training Management
 Multiple Tools to address Reg Compliance
Other Industry Pain Points

15. Operational Risk and
Compliance Management Model

16. Operational Risk and Compliance
Management Model – Five Steps
1. WHY = Regulatory change management
2. WHAT = Risk and internal controls
3. HOW = Operational excellence and processes
4. WHERE = Location / assets
5. WHO = Defining & mapping roles / key management functions to metrics & P&L

17. OPERATIONL RISK &
COMPLIANCE MANAGEMENT
MODEL HOWHOW
WHYWHY
WHATWHAT
WHOWHO
WHEREWHERE

18. How to Implement an Operational
Risk and Compliance Management
System

19. Step 1- Requirements Knowledge
Base & Taxonomy
1. Library - Regulations, standards, requirements and
objectives
2. Translate regulatory requirements into action, evidence,
subject, and frequency
3. Monitor regulatory change
4. Regulations in effect to proposed
5. Mapping- regulatory requirements mapped to CAPA ,
policy procedures and evidence, risks and audits
6. Regulation applicability
COMPONENTS OF REQUIREMENTS KNOWLEDGE BASE
WHYWHY

20. Step 2- Risk & Internal Controls
1. What is impacted?
 Environmental Risk
 Financial Risk
 Legal Risk
 Reputational Risk
 Operational Risk
2. Define risk levels
 Which details are impacting factors?
 Is it based on a systematic process allowing the
organization to prioritize more efficiently?
 Effectively assesses issues requiring immediate
action.
3. Define internal controls
 Process
 Procedures
 Risk Assessments
 Tasks
 Training
WHATWHAT

21. Step 2- Risk & Internal Controls
Small
Workforce
Large Workforce
Low
Risk
to
High
Risk
Low
Risk
to
High
Risk

22. Step 3- Business Processes
1. How
2. Compliance routines process around
sites, assets, and events into a coherent
system
3. System enabled reports
4. Manual vs. automation analysis
HOWHOW

23. Step 3- Business Processes
PROCESSESS THAT CAN BE AUTOMATED
PROCESSESS THAT CAN’T BE AUTOMATED
HOWHOW

24. Step 4. Location & Assets
1. Where is compliance done.
2. Compliance done at the site and asset level
3. Ability to determine which regulations are applicable at
a location/site
WHEREWHERE

25. Step 5. Roles & Responsibility
1. EHS Regulatory Compliance
Governance Structure - Clarify roles,
responsibilities and functions
2 Clarify resource capabilities and
escalation procedures, as well as the
information and reporting systems.
3. This last step ties in all four steps of the
model.
4. Is there a specific role and responsibility
structure or can it vary by organization
and industry?
WHOWHO

26. Step 5. Roles & Responsibility
COMPONENTS OF ROLES AND RESPONSIBILITES

27. Can Automation and Software
Increase Operational Excellence
and Reduce Risks and Overall
Cost?

28. Automate Regulatory Compliance
Through Software
1. Is technology perceived as a catalyst for
growth and performance?
2. Are people or technology barriers to
Regulatory Compliance Automation?

29. Step 2 - Risk & Internal Controls
Small Workforce Large Workforce

30. Predict360 REGULATORY COMPLIANCE ARCHITECTURE

31. People, Planet and Profit

32. RECAP
1. Regulations are growing at an increasing rate, causing the cost
to go up
2. Enterprise risk and regulatory change management model
3. This model drives operational excellence across all functional
departments
4. Complex vs. non-complex organization – risk increases
5. Automation and technology drives operational excellence
6. Profit, people and planet are happy